Job Description :
At Micro Focus, everything we do is based on a simple idea : The fastest way to get results is to build on what you have.
Our software solutions enable organizations to do just that. Secure and scalable, with analytics built in, they bridge the gap between existing and emerging IT fast-tracking digital transformations across DevOps, Hybrid IT, Security, and Predictive Analytics.
In the race to innovate, Micro Focus customers have the clear advantage.
Our portfolio spans the following areas : DevOps IT Operations Cloud Security Info Governance Big Data, Machine Learning, & Analytics
As , you will work closely with our senior threat researcher and partner with clients to investigate the threat leads on their system.
You will help to extract data and remove the noise in order to pinpoint the internal and external threats. Our client base is global and in nearly every industry.
What you will do :
Work with behavioral analytics threat hunting technologies to analyze and identify threat patterns or indicators that can be used for threat detection on our platform.
Follow the emerging threats and attack techniques by reading detailed analytics anomalies.
Identify, analyze and define the attack path of advanced intrusions.
Provide feedback to the Data Science Center of Excellence fornew behavioural models.
Maintain situational awareness of cyber activity by reviewing new anomalies and tracking attack campaigns through their attack cycle.
Track threat actors, their tactics, techniques, and procedures (TTPs), and their associated Indicators of Compromise (IOCs) through the analytics.
Follow the analytic results leveraging additional search techniques including Kibana and Athena.
Your range of experience and skills include :
Understanding the cybersecurity landscape
Current knowledge of current and past malware methods, attack methodologies, and TTPs (Tactics, Techniques, Procedures)
Strong understanding of current attacker tradecraft
Work with customers to understand the critical assets in their environment to develop additional detection patterns.
Experience with common industry EDR / SOAR / Anomaly detection solutions (FireEye, Carbon Black, Endgame, Falcon, etc.)
Experince with AWS, Contariners or Virtualization environments (Nice to have)
Understanding of IoT and other embedded systems (Industrical or Commercial) (Nice to Have)
Experience with the incident response process, including detecting advanced adversaries, log analysis using SIEM, and malware triage (Optional)
Knowledge and experience working with the Cyber Kill Chain Model, MITER ATT&CK Matrix. (Optional)
Knowledge of Operating Systems and Network Protocols
An extensive knowledge of Operating System Internals (Windows, *nix, MacOS)
Strong understanding of network security concepts and network protocols, netflow and web proxy.
Scripting knowledge (PowerShell, Python, etc.)
Communicate with customers explaining the threat hunt findings in technical terms
Leverage the threat hunt tool to record you findings
Who you are : Desire to Learn
Desire to Learn
You are a self-starter and enjoy working collaboratively with your peers
You are determined to understand cyber attack techniques at a very detailed level
LI - SP2